Hi, Just made the fix by modifying the mod_ssl patch so that connection gets closed on R.
Problem with OpenSSL 0.9.8l that it has renegotiation disabled and that it gets blocked in 'R' thus making it a potential DoS (much worse then actual R) so I'd suggest we don't use it and create immediate release of 1.1.18 with the fix. Please test the trunk or apply the patches to 1.1.x (even better vote with +1 :) Note. Don't use 0.9.8l for testing cause that bugger will block on renegotiation until socket timeout. Regards -- ^TM --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
